UNPKG

@blocklet/xss

Version:

blocklet prevent xss attack

39 lines (37 loc) 923 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); var _exportNames = { xss: true }; exports.xss = xss; var _utils = require("./utils"); Object.keys(_utils).forEach(function (key) { if (key === "default" || key === "__esModule") return; if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return; if (key in exports && exports[key] === _utils[key]) return; Object.defineProperty(exports, key, { enumerable: true, get: function () { return _utils[key]; } }); }); function xss(options = {}) { const sanitize = (0, _utils.initSanitize)(options); return (req, res, next) => { ["body", "params", "headers", "query"].forEach(k => { if (req[k]) { req[k] = sanitize(req[k]); } }); next(); }; } module.exports = { xss, initSanitize: _utils.initSanitize, isSvgFile: _utils.isSvgFile, sanitizeSvg: _utils.sanitizeSvg };